What is a Device Fingerprint?

Identification of visitors crucial to most web sites, either to provide content or track miscreants. The most common mechanism to track users is a simple cookie file. As browsers have evolved many have made tracking with this method problematic (e.g. by activating the “incognito” mode in web browsers). Cookies also fail to identify a user who uses several different web browsers on the same device. This led to the development of the device fingerprint — a unique user identifier which does not change between successive sessions and which does not depend on the selected web browser.

A device fingerprint is known by many names including a machine fingerprint, browser fingerprint, device print, user fingerprint and others. It is composed of information collected about an online computing device for the purpose of unique identification of the device on subsequent visits. A device fingerprint can fully or partially identify individual users or devices even when cookies and other tracking data is turned off.

Basic web browser information has long been collected by web analytics services in an effort to accurately measure real human web traffic and discount various forms of click fraud. With the assistance of client-side scripting languages, the collection of much more esoteric parameters is possible. Device fingerprints have proven useful in the detection and prevention of online identity theft and credit card fraud.

The Darkwave Technologies device fingerprint project was created to develop highly reliable code to make it simpler for developers to create a device fingerprint system for use in online fraud prevention and the prevention of general malicious behavior.

BackgroundWith the advent of the performance function in HTML it's now possible to zero in on the device's clock speed. Once you have this data you can tell if a device is running the browser on a peice of hardware or if it is a virtual machine. Virtual machines use either use a synthetic HPET based counter (typically showing as 10,000Mhz) or an ACPI based counter (typically showing as 35795 MHz).

How It WorksThe window.performance.now() yields a time measurement in milliseconds which is an integral number of the Windows performance counter ticks (1/f where f is the Windows performance counter frequency).By sampling window.performance.now() it is possible to determine the underlying time unit with some math. The more samples performed the better the results, with the downside of some latency. NOTE: Firefox claimed to have closed this detection but it seems that it does occasionally work in newer versions.

Entropy Estimate: TBD

CodeThe JavaScript function below fingerprints the timezone settings for the device. You may also download this code here: TBD. Note: Depending on your output method you may need to URL encode the returned results.

ValidationUnlike other code on the Internet we do everything possible to verify our code for you. In order to minimize problems and maximize compatibility this code has been verified with JSLint and has been extensively tested with over 1100 OS/Browser combinations using BrowserStack.